//package org.vaadin.example.biz;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.security.core.authority.SimpleGrantedAuthority;
//import org.springframework.security.core.userdetails.UserDetails;
//import org.springframework.security.core.userdetails.UserDetailsService;
//import org.springframework.security.core.userdetails.UsernameNotFoundException;
//import org.springframework.stereotype.Service;
//import org.vaadin.example.model.entity.Permission;
//import org.vaadin.example.model.entity.Role;
//import org.vaadin.example.model.entity.User;
//import org.vaadin.example.repo.PermissionRepository;
//import org.vaadin.example.repo.RoleRepository;
//import org.vaadin.example.repo.UserRepository;
//
//import java.util.ArrayList;
//import java.util.List;
//import java.util.Optional;
//
//@Service
//public class RbacService implements UserDetailsService {
//    @Autowired
//    private UserRepository userRepository;
//    @Autowired
//    private RoleRepository roleRepository;
//    @Autowired
//    private PermissionRepository permissionRepository;
//
//    @Override
//    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//        Optional<User> user = userRepository.findByUsername(username);
//        if (!user.isPresent()) {
//            throw new UsernameNotFoundException("User not found with username: " + username);
//        }
//        // 加载用户的角色和权限
//        List<Role> roles = roleRepository.findByUsersId(user.get().getId());
//        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
//        for (Role role : roles) {
//            List<Permission> permissions = permissionRepository.findByRolesId(role.getId());
//            for (Permission permission : permissions) {
//                authorities.add(new SimpleGrantedAuthority(permission.getName()));
//            }
//        }
//        return new org.springframework.security.core.userdetails.User(
//                user.get().getUsername(),
//                user.get().getPassword(), // 实际应用中应使用加密后的密码
//                authorities
//        );
//    }
//}